1. SPS Accounts:
    Do you find yourself coming back time after time? Do you appreciate the ongoing hard work to keep this community focused and successful in its mission? Please consider supporting us by upgrading to an SPS Account. Besides the warm and fuzzy feeling that comes from supporting a good cause, you'll also get a significant number of ever-expanding perks and benefits on the site and the forums. Click here to find out more.
    Dismiss Notice
Dismiss Notice
You are currently viewing Boards o' Magick as a guest, but you can register an account here. Registration is fast, easy and free. Once registered you will have access to search the forums, create and respond to threads, PM other members, upload screenshots and access many other features unavailable to guests.

BoM cultivates a friendly and welcoming atmosphere. We have been aiming for quality over quantity with our forums from their inception, and believe that this distinction is truly tangible and valued by our members. We'd love to have you join us today!

(If you have any problems with the registration process or your account login, please contact us. If you've forgotten your username or password, click here.)

Cloudbleed problem?

Discussion in 'Techno-Magic' started by pplr, Feb 26, 2017.

  1. pplr Gems: 18/31
    Latest gem: Horn Coral

     Veteran

    Joined:
    Mar 19, 2008
    Messages:
    1,032
    Media:
    2
    Likes Received:
    35
    Remove all ads!
    Hello,

    Local news put out an alert to a security hole in one of the clouds a bunch of websites use-I looked through the list and didn't see sorcerers on it so I think we are ok but I just wanted to bring it up as a question.

    Also, if anyone here uses one of the sites on it he or she may want to check the list and change passwords.

    This is the news story.

    For those more tech savy than myself what do you think of the issue and of the quality of the report?
     
    pplr, Feb 26, 2017
    #1
  2. Taluntain

    Taluntain Resident Alpha and Omega Staff Member ★ SPS Account Holder Resourceful Adored Veteran Pillars of Eternity SP Immortalizer (for helping immortalize Sorcerer's Place in the game!) New Server Contributor [2012] (for helping Sorcerer's Place lease a new, more powerful server!) Torment: Tides of Numenera SP Immortalizer (for helping immortalize Sorcerer's Place in the game!) BoM XenForo Migration Contributor [2015] (for helping support the migration to new forum software!)

    Joined:
    Jun 11, 2000
    Messages:
    23,475
    Media:
    494
    Likes Received:
    538
    Gender:
    Male
    We weren't affected.
     
    Taluntain, Feb 26, 2017
    #2

  3. Wayward Son Gems: 5/31
    Latest gem: Andar

    Joined:
    Dec 28, 2016
    Messages:
    148
    Likes Received:
    20
    Gender:
    Male
    It was mainly just an issue of fake flagging a variable and that allowing entrance. If it's been patched up, then there should be no future problems. The main issue this could have is largely dependent upon the sites that used CDN. I've only ever seen two, maybe three sites that use it, AFAIK. And none of them had any major information beyond passwords and usernames along with an email. However, if you use the same email for those things as for other things, and you use the same password for everything/most things, this could have major problems if someone got a password, because that means they just cracked most- if not all- of your accounts. Which is bad. They could have also gotten other information that you tell the site, such as your name, location, credit card numbers, or, God forbid, SSN (though, any sites that would ask for SSN and be legit are A) few and far between and B ) Probably going to have their own Domain servers). So, major advice is, use different, even if slightly, passwords that are long, have capitals, have numbers and have symbols for everything. Don't tell any site that isn't government run or a collegiate site of some sort your SSN. Don't let sites save your CC number, I know it's a major PITA, but it's not worth the risk.
     
    Wayward Son, Mar 4, 2017
    #3
    pplr likes this.
Sorcerer's Place is a project run entirely by fans and for fans. Maintaining Sorcerer's Place and a stable environment for all our hosted sites requires a substantial amount of our time and funds on a regular basis, so please consider supporting us to keep the site up & running smoothly. Thank you!

Sorcerers.net is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to products on amazon.com, amazon.ca and amazon.co.uk. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates.